have created several Organizations and Users in Azure AD. Sometimes I have to change User Account Status to Enabled or Disabled. When doing so, I would like to notify user by email that user’s account status was changed (e.g. when changing user account status to Enabled, I want to automatically send him/her an email that his/her account was enabled, and the same with Disabling account).
I have read some information about Azure AD Notifications feature but can not find enough of it to achieve what I want. Also, I can not locate “Notifications” section in left-hand menu in Azure AD. Why could that be? Maybe Notifications feature in AD was disabled?
If there is any more simple way to achieve desired result maybe some of you could write some Azure features/services
Hey @digitalcrankz welcome to the forums. We’re not really Azure AD experts around here (maybe speaking for myself), but I found the following. Not sure if it helps or not?
Azure AD does not have a built-in feature to send email notifications when a user’s account status changes. However, you can achieve this using Azure Logic Apps or Microsoft Power Automate (previously known as Microsoft Flow) to create a workflow that triggers an email notification when a user’s account status is changed.
Here is a step-by-step guide to set up a workflow using Azure Logic Apps:
- In the Azure portal, search for “Logic Apps” and click on “Create” to create a new Logic App.
- Fill in the required details, such as the subscription, resource group, name, and location for your Logic App, and click “Create”.
- Once the deployment is complete, open your new Logic App, and click “Logic App Designer” to start building your workflow.
- In the designer, search for the “Azure AD” connector and add the “When a user is updated” trigger. This trigger will initiate the workflow whenever a user’s information is changed in Azure AD.
- Configure the trigger by providing the necessary details like the tenant ID and sign-in information.
- Add a condition after the “When a user is updated” trigger to check if the user’s account status has changed. You can use the “Condition” action for this purpose. In the condition, compare the “accountEnabled” property from the trigger output with its previous value using the following expression:
@not(equals(triggerBody()?['accountEnabled'], triggerOutputs()?['body/accountEnabled']))
- In the “If true” branch of the condition, add another condition to check if the user’s account is now enabled or disabled. Compare the “accountEnabled” property from the trigger output with the boolean value
true
:
@equals(triggerBody()?['accountEnabled'], true)
- In the “If true” branch of the second condition (account enabled), add the “Send an email (V2)” action from the “Office 365 Outlook” connector. Configure the action with the recipient’s email address, subject, and body of the email. You can use dynamic content from the trigger output, such as the user’s display name and email address.
To: triggerOutputs()?['body/userPrincipalName']
Subject: “Your account has been enabled”
Body: “Hello [User’s display name], your account has been enabled. You can now access the services.”
- In the “If false” branch of the second condition (account disabled), add another “Send an email (V2)” action from the “Office 365 Outlook” connector. Configure the action similarly to the previous step but with a different subject and body to notify the user that their account has been disabled.
To: triggerOutputs()?['body/userPrincipalName']
Subject: “Your account has been disabled”
hi,
this trigger When a user is updated is not available